Skip to content
@step-security

StepSecurity

Secure your GitHub Actions with StepSecurity: Your Trusted CI/CD Security Partner
README.md

Step Security Logo

Close the CI/CD Security Gap

Pinned Loading

  1. harden-runner harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in re…

    TypeScript 949 83

  2. secure-repo secure-repo Public

    Orchestrate GitHub Actions Security

    Go 304 51

  3. wait-for-secrets wait-for-secrets Public

    Publish from GitHub Actions using multi-factor authentication

    TypeScript 295 20

  4. github-actions-goat github-actions-goat Public

    GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

    JavaScript 491 304

Repositories

Showing 10 of 219 repositories
  • esigner-codesign Public

    GitHub Action for CodeSigner by SSL.com. Secure drop-in replacement for sslcom/esigner-codesign.

    step-security/esigner-codesign’s past year of commit activity
    TypeScript 0 MIT 1 1 10 Updated Jan 26, 2026
  • ghaction-github-status Public

    GitHub Action to check GitHub Status in your workflow. Secure drop-in replacement for crazy-max/ghaction-github-status.

    step-security/ghaction-github-status’s past year of commit activity
    TypeScript 0 MIT 1 1 11 Updated Jan 26, 2026
  • harden-runner Public

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

    step-security/harden-runner’s past year of commit activity
    TypeScript 949 Apache-2.0 83 21 21 Updated Jan 26, 2026
  • action-send-mail Public

    A GitHub Action to send an email to multiple recipients. Secure drop-in replacement for dawidd6/action-send-mail.

    step-security/action-send-mail’s past year of commit activity
    JavaScript 0 MIT 1 1 13 Updated Jan 26, 2026
  • github-action-get-latest-release Public

    A Github action to get the latest release from another repository. Secure drop-in replacement for pozetroninc/github-action-get-latest-release.

    step-security/github-action-get-latest-release’s past year of commit activity
    JavaScript 1 MIT 1 1 12 Updated Jan 26, 2026
  • action-semantic-demo Public
    step-security/action-semantic-demo’s past year of commit activity
    TypeScript 0 MIT 0 2 40 Updated Jan 26, 2026
  • ghaction-setup-docker Public

    GitHub Action to set up (download and install) Docker CE. Secure drop-in replacement for docker/setup-docker-action.

    step-security/ghaction-setup-docker’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 15 Updated Jan 26, 2026
  • action-download-artifact Public

    ⚙️ A GitHub Action to download an artifact associated with given workflow and commit or other criteria. Secure drop-in replacement for dawidd6/action-download-artifact.

    step-security/action-download-artifact’s past year of commit activity
    JavaScript 0 MIT 1 1 7 Updated Jan 26, 2026
  • auto-assign-action Public

    An action which adds reviewers to the pull request when the pull request is opened. Secure drop-in replacement for kentaro-m/auto-assign-action.

    step-security/auto-assign-action’s past year of commit activity
    TypeScript 0 MIT 1 1 14 Updated Jan 26, 2026
  • setup-jfrog-cli Public

    Set up JFrog CLI in your GitHub Actions workflow. Secure drop-in replacement for jfrog/setup-jfrog-cli.

    step-security/setup-jfrog-cli’s past year of commit activity
    TypeScript 0 Apache-2.0 1 1 11 Updated Jan 26, 2026
View all repositories

Top languages

Loading…